Coinbase Offers $50,000 Hack the World Bug Bounty

Coinbase, one of the world’s largest cryptocurrency exchanges, announced it will actively participate in Hackerone’s “Hack the World” project, offering 50,000 USD for a first-place remote code execution. It’s the company’s effort to extend its bug bounty program in hopes of remaining “top-of-[the]-market” with regard to security.

Instead of researchers “facing a choice between using a vulnerability themselves,” he urged, “selling a vulnerability to 3rd parties or giving a vulnerability away for free, bounties present a good, legal, risk-adjusted return for the time invested by a researcher.”

Though most proposals are not relevant, Coinbase finds value in bug bounties.

Over five years, the exchange has “paid out $176,031 in bounties to 223 researchers across 346 valid reports out of a total of 3101 reports submitted,” Mr. Martin noted.

This year, Coinbase joins a competition hosted by Hackerone, Hack the World. An unsigned blog post stated the venture’s goals as “to help build stronger relationships between our hackers and our customers, reward high signal and high impact reports, and to have some fun along the way by giving out some awesome prizes to our top hackers.”

Sponsors range from Uber, Github, and Airbnb, to Mapbox and Dropbox.

Coinbase is offering “the top 3 most impactful bugs submitted, as part of Hack The World, an additional $10,000, $7,500 and $5,000,” he explained. “‘Most Impactful’ will be judged by the Coinbase security team on a combination of bug severity, system criticality and report quality.”

Bitcoin, Safe and Easy

This does not mean storing bitcoin on the exchange is safe. In fact, “there have been months when Coinbase users have been robbed as often as 30 times—a rate of one robbery every single day,” according to Fortune.

CEO Brian Armstrong tells Ms. Wieczner, “We need to be held to a higher standard because digital currency is so new and interesting and powerful that it is attractive to a lot of people out there to try to steal it.” The exchange holds users’ keys, allowing them ease of access to trading through mere passwords.

Thefts are generally on the customer side, exploiting weaknesses at mobile phone carrier companies such as Sprint and Verizon.

Hack The World competition formally ends on November 18.

What do you think about hacking bounties? Tell us in the comments below!

Images courtesy of Creative Commons, Pixabay, and Coinbase.

At Bitcoin.com there’s a bunch of free helpful services. For instance, check out our Tools page!